Suspect
38bb9282346ed2e04f558d023b11ffd2
PE Executable | MD5: 38bb9282346ed2e04f558d023b11ffd2 | Size: 1.05 MB | application/x-dosexec
PE Executable
MD5: 38bb9282346ed2e04f558d023b11ffd2
Size: 1.05 MB
application/x-dosexec
Summary by MalvaGPT
Characteristics
Symbol Ofbuscation Score
Medium
|
Hash | Hash Value |
|---|---|
| MD5 | 38bb9282346ed2e04f558d023b11ffd2
|
| Sha1 | 6182000d0f4b8ec13b5647494009ee6d12492684
|
| Sha256 | 4fe34e5958a34b04a05f731aeec5eeb6c69b7e4b38c1bd0dd6d8bcb3e532f25f
|
| Sha384 | 449a2b557984f369298870406264a13dd721e4f94377c28e642901d6fdf3270e216d3c682459b7cb23b219931a0c01bc
|
| Sha512 | eb95e5e3e39c85992893b4aacd50197622563e046db1dd8f71a124beb7e1998ba22c8f13f881c32a6a7880b6be0ca0f4fd25ba2f3d200a3b7d21742929853cad
|
| SSDeep | 24576:Ymx0Pq5mMbr8CftV3BMV1hlXmEOBX9Sn7EA11ad+vOZ/TamAT:YmxHrIEN2HhgLX92YW1sQCW3T
|
| TLSH | E725236426A8D733DC716BF62475E23103B52E4EA263C70A4EEDECDF7265B204A50B53
|
PeID
Microsoft Visual C++ DLL
Microsoft Visual C++ v6.0
File Structure
38bb9282346ed2e04f558d023b11ffd2
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rsrc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
SlotMachine.SlotDisplay.resources
SlotMachine.Properties.Resources.resources
NH
[NBF]root.Data
SNEzyK
[NBF]root.Data
[NBF]root.Data-preview.png
Informations
|
Name0 | Value |
|---|---|
| Info | PE Detect: PeReader OK (file layout) |
| Info | PDB Path: TuTrwG.pdb |
| Module Name | TuTrwG.exe |
| Full Name | TuTrwG.exe |
| EntryPoint | System.Void SlotMachine.Program::Main() |
| Scope Name | TuTrwG.exe |
| Scope Type | ModuleDef |
| Kind | Windows |
| Runtime Version | v4.0.30319 |
| Tables Header Version | 512 |
| WinMD Version | <null> |
| Assembly Name | TuTrwG |
| Assembly Version | 1.0.0.0 |
| Assembly Culture | <null> |
| Has PublicKey | False |
| PublicKey Token | <null> |
| Target Framework | .NETFramework,Version=v4.5 |
| Total Strings | 374 |
| Main Method | System.Void SlotMachine.Program::Main() |
| Main IL Instruction Count | 10 |
| Main IL | nop <null> call System.Void System.Windows.Forms.Application::EnableVisualStyles() nop <null> ldc.i4.0 <null> call System.Void System.Windows.Forms.Application::SetCompatibleTextRenderingDefault(System.Boolean) nop <null> newobj System.Void SlotMachine.SlotDisplay::.ctor() call System.Void System.Windows.Forms.Application::Run(System.Windows.Forms.Form) nop <null> ret <null> |
38bb9282346ed2e04f558d023b11ffd2 (1.05 MB)
File Structure
38bb9282346ed2e04f558d023b11ffd2
Structure
DosHeader
PE Header
Optional Header (x64)
Section Headers
.text
.rsrc
Resources
RT_VERSION
ID:0001
ID:0
RT_MANIFEST
ID:0001
ID:0
.Net Resources
SlotMachine.SlotDisplay.resources
SlotMachine.Properties.Resources.resources
NH
[NBF]root.Data
SNEzyK
[NBF]root.Data
[NBF]root.Data-preview.png
Characteristics
No malware configuration were found at this point.
You must be signed in to post a comment.
You need a premium account to access this feature.
You must be signed in to post a comment.